-
Recently Browsing 0 members
No registered users viewing this page.
-
Similar Content
-
By theoretic
Hi there! And thanks for Processwire!
I've got an interesting case concerning access to current user page. It appears that PW somehow limits access to the frontend page of current user.
I'm speaking about a specific PW configuration. We have two kind of users: 'regular' users with native user template and member users with specific member template and specific members parent page (by the way, it's so cool that PW allows to use custom user templates and custom parent for certain user pages!). So a member with name Joe has a page with member template and url like /members/joe .
The members template has some access limitations: only member users can see pages with member template. It works like a charm in most situations. For example, user Bill (who has member template and is logged in) can browse a page with url /members/ann which also is a member page with member template.
And now, meet the glitch! The above-mentioned Bill cannot get to his own page /members/bill ! PW generates 404 page instead.
I see no reason for this behavior. From my point of view any member should have access to any member page in this situation. What am i doing wrong? Any advice is welcome!
-
By wwwouter
Some context: I want to use PHP variables in my CSS (more info below) and found a solution on CSS-tricks that looks fairly elegant and somewhat solid to me. It's pretty simple, I created a file style.css.php inside the site/templates/ directory and load that in my page head. In style.css.php is the following:
<?php header("Content-type: text/css; charset: UTF-8"); header("Charset:utf-8"); if ($homepage->hero_image) { echo <<<CSS .hero { background: url($homepage->hero_image->url) no-repeat; } CSS; } ?> Because of the following RewriteCond (line 373) in the htaccess file the server sends a 403 error back when the file is requested:
# Block access to any PHP or markup files in /site/templates/ or /site-*/templates/ RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))($|/) [NC,OR] (My htaccess file is @version 3.0 and @htaccessVersion 301)
This is how I thought I could fix that (based on these answers on stack overflow) but it does not work:
# Block access to any PHP or markup files in /site/templates/ or /site-*/templates/ RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/templates($|/|/((?!style\.css).)*\.(php|html?|tpl|inc))($|/) [NC,OR] I tested the rule with htacess tester and htaccess check and both worked for me, but on my site I still get a 403 instead of the file.
I'm working on localhost, using MAMP (not sure if that's relevant).
A bit more about what I want to do achieve specifically:
I want to use an image as a background-image for an element, not place it as an image. This image is provided by the user via a field and can therefore change.
I know I can achieve this like this:
echo "<section class='hero' style='background-image: url($page->hero_image->url)'></section>"; But I would prefer a method other than inlining because of scalability and cleanliness. (I admit the extra link in the page head is not ideal either)
P.s. this is my first post here, I hope it's submitted in the right forum and my explanation is clear.
-
By Lewis Newson
Hi All,
Im working on streamlining my email sending setup for SMTP. I have a page where the user of the website can input the SMTP host, port, connection type email and password etc but the password field has an additional box underneath it for 'Confirming' it as if it were a new password. The placeholder text also says 'New Password' but I want to be able to change that. I just need an input field where they can enter their SMTP password without it being plain text.
Thanks for your help!
-
By humanafterall
Hi,
I would like to set an admin template to 'https only' as recommended in the Processwire security docs.
However if I do this it forces this setting locally too, resulting in https://localhost requests which result in an error page.
Is there a simple way round this? Setting https for templates in the config?
Thanks!
-
By nuel
Dear PW Community
Let me shout out my question here, I really don't know where to start and hope someone can give me a hint or tell me to resign and go home and cry.
I want to create a subpage that is only accessible to people with unique access codes. It's gonna be an online concert streaming page (thanks Corona!). People who buy tickets through a local ticketing service should be able to access and stream the show with their individual access code. These codes should work only for this person and show. If someone in the «audience» closes and reopens the page, they should get in again, but not their friends who were given the code of course, basically just like in a club with a ticket and a stamp on the wrist.
Now, is there a possibility to achieve that with more or less basic Processwire skills? In my imagination I have a field where I list the given access codes, another two to add start and ending date/time of the show, maybe one for a unique ID/title of the show.
Is there an existing module for something like that? Should I get into the module development field and create that? How?? Haha. Any comments are welcome here.
Thanks,
Nuél
-